I have a client (he reads my blog from time to time, so Hello if you’re reading this. ;o) who experienced an issue I hadn’t run across before. They are migrating their MOSS 2007 environment to another location and were basically trying to setup the same version of MOSS but virtualized on Windows 2008/IIS 7 rather than physically on Windows 2003/IIS 6.

They have several Smart Card/CAC authenticated extended sites for external users. They were using the IIS Certificate Mapping feature which is a bit different and causes some of extra work since their isn’t actually a GUI in IIS 7 like there was in IIS 6.

We got everything configured properly using the following article if you’re interested in implementing this in your environment:

Even though we had all this configured properly, the MOSS sites would not resolve, they rendered a non-specific 500 Internal Server Error instead, fun stuff right?

After hours of troubleshooting the configuration and finally bringing on an IIS expert from Microsoft’s support team, they found out that this issue was being caused by the two registry keys below. These were added as part of a security update that was designed as a workaround to a TLS/SSL vulnerability.